Privacy Policy
Last updated: May 11, 2026
1. What we collect
We collect account information (name, email, phone), payment information (via Razorpay, we never store full card numbers), social account metadata (followers, engagement) when you connect Instagram/YouTube via OAuth, and basic device + usage data (IP address, browser, pages visited).
2. How we use it
To operate the platform — show creators to brands, brands to creators, process payments, send campaign notifications, and improve the product. We never sell your data.
3. Social account tokens
OAuth tokens for Instagram and YouTube are encrypted at rest with AES-256-GCM. We only read profile + recent post statistics — we never post on your behalf or read your DMs.
4. Cookies
We use essential cookies for authentication. We do not use third-party advertising cookies or cross-site trackers.
5. Sharing with third parties
We share data only with: Razorpay (for payments), Meta and Google (for the OAuth flow you initiate), and email service providers (for transactional emails). These vendors are contractually bound to protect your data.
6. Data retention
We retain account data while your account is active. After closure, we retain transactional records for 7 years to comply with tax law, and delete the rest within 90 days.
7. Your rights
You can access, export, correct, or delete your personal data at any time from your dashboard or by emailing us. We respond to verified requests within 30 days.
8. Children
Collabhype is not for users under 18. If we discover a minor has signed up, we will remove the account.
9. Security
Passwords are hashed with bcrypt. Tokens are encrypted. All traffic is over TLS. We follow industry best practices but no system is 100% secure — please use a strong, unique password.
10. Changes
If we materially change this policy we will notify you. Minor edits are reflected here with an updated "Last updated" date.
Privacy questions? Email privacy@collabhype.in.